How Trend Micro Is Embracing the GDPR

Unwavering commitment to security

With DNA rooted in security, we operate in over 50 countries around the world, including in regions like Germany and Japan, where data privacy regulations have historically been some of the most rigorous in the world. And with the introduction of the GDPR, Trend Micro’s focus on security and data protection continues to be a top priority, underpinning the commitment to evolve our already strong security policies across all operating regions.

A holistic approach to GDPR Readiness

As part of our GDPR compliance journey, we worked with internal and external subject matter experts, independent auditors, and consulting partners, while also referencing multiple checklists from the UK Information Commissioner’s Office (ICO) and other EU regulatory organizations. This thorough approach helped us ensure that we covered all areas of the regulation and have all necessary activities and processes in place to protect our – and your – data.

Our GDPR journey

As a leader in cybersecurity, our approach to data privacy is comprehensive and holistic, and we are now leveraging the GDPR to become a baseline level of security across the globe – this is not just an EU initiative for Trend Micro. Demonstrating this commitment to data privacy, we touched many parts of the organization to ensure that wherever data resides, we know about it and treat it appropriately.

Awareness and education

Awareness and education

Awareness and education are fundamental to any program focused on security. As a part of our focus on protecting customers’ data and complying with the GDPR, we have provided training across our organization and ensured clear communication to maximize awareness, including:

Appointment of a dedicated project leader with authority to recruit SMEs and ensure timely delivery of requirements

Global education of Trend Micro employees

Ensuring our partners and customers are aware of the GDPR and what it means through webinars, conferences, and one-to-one meetings

Understanding and dealing with the data we have

Understanding and dealing with the data we have

In order to protect data, you need to know what and where it is. Integral to our compliance journey was assessing the data we have across the company and its composition as well as putting in place measures to ensure ongoing knowledge of all new data entering the company. This process included activities like:

The completion of a comprehensive, global data mapping exercise across the organization